CVE-2007-2205

CVE-2010-2205 - Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. Per: ...
5 years ago

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-3325 - PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and ...
7 years ago

CVE-2007-2205 - PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than ...
6 years ago

CVE-2011-2205 - Prosody before 0.8.1 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, ...
7 years ago

CVE-2002-2205 - Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by connecting to the server from an IP address that resolves to a long hostname. ...
16 years ago

CVE-2005-2205 - The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. ...
16 years ago

CVE-2009-2205 - Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. ...
15 years ago

CVE-2006-2205 - The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device. ...
11 years ago

CVE-2013-2205 - The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. ...
7 years ago

CVE-2004-2205 - Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. ...
7 years ago

CVE-2012-2205 - Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a workspace query. ...
7 years ago

CVE-2016-2205 - Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 ...
7 years ago

CVE-2014-2205 - The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External ...
6 years ago

CVE-2008-2205 - SQL injection vulnerability in index.php in Maian Music 1.1 allows remote attackers to execute arbitrary SQL commands via the album parameter in an album action. ...
6 years ago

CVE-2021-2205 - Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network ...
3 years ago

CVE-2019-2205 - In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for ...
3 years ago

CVE-2022-41204 - An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This ...
2 years ago

CVE-2022-41266 - Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting ...
1 year ago

CVE-2023-2205 - A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /function/login.php. The manipulation of the argument email leads to sql ...
1 year ago

CVE-2022-34402 - Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service. ...
1 year ago

CVE-2023-37486 - Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on ...
2 weeks ago

CVE-2020-2205 - Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by Jenkins administrators. ...
11 months ago

CVE-2018-2205 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
54 years ago Tenable.com

CVE-2023-42481 - In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user account again and re-gain access if SAP Commerce ...
10 months ago Tenable.com